CVE-2020-0603
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
14/01/2020
Last modified:
21/07/2021
Description
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
9.30
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:microsoft:asp.net_core:2.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:microsoft:asp.net_core:3.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:microsoft:asp.net_core:3.1:*:*:*:*:*:*:* | ||
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* | ||
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page